Palo Alto Networks PAN-OS Multiple Vulnerabilities (PAN-SA-2016-0003, PAN-SA-2016-0005)

Critical Nessus Plugin ID 89688

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The Palo Alto Networks PAN-OS running on the remote host is version 5.0.x prior to 5.0.18, 6.0.x prior to 6.0.13, 6.1.x prior to 6.1.10, or 7.0.x prior to 7.0.5. It is, therefore, affected by the following vulnerabilities:

- An overflow condition exists in the GlobalProtect web portal due to improper validation of user-supplied input when handling SSL VPN requests. An unauthenticated, remote attacker can exploit this, via a crafted request, to cause a denial of service or to execute arbitrary code. (VulnDB 135052)

- A flaw exists in the web-based management API due to improper parsing of user-supplied input to certain API calls. An unauthenticated, remote attacker can exploit this to inject and execute arbitrary OS commands. (VulnDB 135054)

Solution

Upgrade to Palo Alto Networks PAN-OS version 5.0.18 / 6.0.13 / 6.1.10 / 7.0.5 or later.
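
The following is an added example, not the Nessus plugin's code: a version triage for a firewall inventory using the per-branch fixed releases stated above. It assumes version strings of the form "7.0.4" with an optional "-hN" hotfix suffix; the hostnames and the function names are constructed for illustration.

```python
import re

# Fixed maintenance release per affected branch, from the advisory text above.
FIXED = {(5, 0): 18, (6, 0): 13, (6, 1): 10, (7, 0): 5}

# Assumption: versions look like "7.0.4" or "7.0.4-h2" (hotfix suffix).
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_version(text):
    """Return (major, minor, maintenance, hotfix) or raise ValueError."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    major, minor, maint, hotfix = m.groups()
    return int(major), int(minor), int(maint), int(hotfix or 0)


def assess(text):
    """Classify one version string against the advisory's ranges."""
    try:
        major, minor, maint, _hotfix = parse_version(text)
    except ValueError:
        return "unknown"  # never report an unparseable version as fixed
    fixed_maint = FIXED.get((major, minor))
    if fixed_maint is None:
        return "branch-not-listed"  # advisory makes no statement about it
    # The advisory names maintenance releases only, so a hotfix on an
    # older maintenance release is still treated as vulnerable.
    return "vulnerable" if maint < fixed_maint else "fixed"


def triage(inventory):
    """Group a {host: version} inventory into {status: [hosts]}."""
    report = {}
    for host, version in inventory.items():
        report.setdefault(assess(version), []).append(host)
    return {status: sorted(hosts) for status, hosts in report.items()}


# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE = {
    "fw-edge-01": "7.0.4",
    "fw-edge-02": "7.0.5",
    "fw-dc-01": "6.1.9-h3",
    "fw-lab-01": "7.1.0",
    "fw-old-01": "5.0.18",
    "fw-unk-01": "n/a",
}

if __name__ == "__main__":
    for status, hosts in sorted(triage(SAMPLE).items()):
        print(f"{status}: {', '.join(hosts)}")
```

Hosts reported as "unknown" or "branch-not-listed" need manual review rather than being counted as patched.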

See Also

https://securityadvisories.paloaltonetworks.com/Home/Detail/36

https://securityadvisories.paloaltonetworks.com/Home/Detail/38

Plugin Details

Severity: Critical

ID: 89688

File Name: palo_alto_PAN-SA-2016-0005.nasl

Version: 1.9

Type: combined

Published: 2016/03/04

Modified: 2018/08/08

Dependencies: 72816

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:paloaltonetworks:pan-os

Required KB Items: Host/Palo_Alto/Firewall/Version, Host/Palo_Alto/Firewall/Full_Version

Patch Publication Date: 2016/02/25

Vulnerability Publication Date: 2016/02/25